Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola logu, PC znecisteny haveti

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
jarda02
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 10 čer 2005 11:19

Kontrola logu, PC znecisteny haveti

#1 Příspěvek od jarda02 »

Dobry den,

rad bych Vas pozadal o pomoc, PC je silne znecisten ruznou haveti(malware, spyware), co chvili vyskakuji nejaka okna nabadajici k instalaci dalsi haveti.

Dekuji.
___________________________________________________________________________________

Logfile of random's system information tool 1.10 (written by random/random)
Run by Sveta at 2015-04-18 11:30:26
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 380 GB (83%) free of 459 GB
Total RAM: 4012 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:31:02, on 18.04.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
C:\Users\Sveta\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
C:\Users\Sveta\AppData\Local\Mail.Ru\MailRuUpdater.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Users\Sveta\AppData\Local\Temp\nscA595.tmp
C:\Program Files (x86)\gmsd_de_436\gmsd_de_436.exe
C:\Users\Sveta\AppData\Local\gmsd_de_436\upgmsd_de_436.exe
C:\Users\Sveta\AppData\Local\Temp\nsi7914.tmp
C:\Program Files (x86)\XTab\cmdshell.exe
C:\Program Files (x86)\XTab\HPNotify.exe
C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Sveta.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.luckysearches.com/?type=hp&t ... 5M7K6YTTEX
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?p=mKO_AwFzXI ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?p=mKO_AwFzXI ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.mail.ru/?ieverfix=1&fr=ieverfix_sg
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.luckysearches.com/?type=hp&t ... 5M7K6YTTEX
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.luckysearches.com/web/?type= ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.luckysearches.com/web/?type= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.luckysearches.com/?type=hp&t ... 5M7K6YTTEX
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?p=mKO_AwFzXI ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?p=mKO_AwFzXI ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll (file missing)
O2 - BHO: MuvicEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\XTab\SupTab.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Html5 geolocation provider - {9BFBA68E-E21B-458E-AE12-FE85E903D2C0} - C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\npHtml5loc.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Muvic - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [VAIO Boot Manager] "C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe"
O4 - HKLM\..\Run: [MAgent] C:\Program Files (x86)\Mail.Ru\Agent\magent.exe -LM
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe" /gui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AlterGeoUpdater] C:\Program Files (x86)\AlterGeo\Html5 geolocation provider\html5locsvc.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [gmsd_de_436] "C:\Program Files (x86)\gmsd_de_436\gmsd_de_436.exe"
O4 - HKLM\..\RunOnce: [upgmsd_de_436.exe] C:\Users\Sveta\AppData\Local\mbot_de_60\upgmsd_de_436.exe -runonce
O4 - HKCU\..\Run: [AlterGeoUpdater] C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\html5locsvc.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Sveta\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MAgent] C:\Users\Sveta\AppData\Roaming\Mail.Ru\Agent\magent.exe -CU
O4 - HKCU\..\Run: [zwazntlijdixrvy] C:\ProgramData\zwazntli.exe
O4 - HKCU\..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe /Stay
O4 - HKCU\..\Run: [MailRuUpdater] C:\Users\Sveta\AppData\Local\Mail.Ru\MailRuUpdater.exe
O4 - HKCU\..\Run: [HP Officejet 6700 (NET)] "C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe" -deviceID "CN35HBSKT505RQ:NW" -scfn "HP Officejet 6700 (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Praetorian] C:\Users\Sveta\AppData\Local\Yandex\Updater\praetorian.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [AlterGeoUpdater] C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\html5locsvc.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AlterGeoUpdater] C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\html5locsvc.exe (User 'Default user')
O4 - Startup: Tintenwarnungen überwachen - .lnk = ?
O4 - Startup: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk = ?
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files (x86)\Mail.Ru\Agent\magent.exe
O9 - Extra 'Tools' menuitem: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files (x86)\Mail.Ru\Agent\magent.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Users\Sveta\AppData\Roaming\Mail.Ru\Agent\magent.exe (HKCU)
O9 - Extra 'Tools' menuitem: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Users\Sveta\AppData\Roaming\Mail.Ru\Agent\magent.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ccl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ccl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ccl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ccl.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ccl.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{4F5033D5-5427-46EB-8ECD-440AEBEA6B1F}: NameServer = 10.148.224.2,10.156.33.53
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\search~1\search~1\bin\vc32lo~1.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit-Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Browser-Schutz (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IHProtect Service - XTab system - C:\Program Files (x86)\XTab\ProtectService.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: mail update Service (mailUpdate) - Skytech Co., Ltd. - C:\ProgramData\MailUpdate\mailUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NewVideoPlayer Updater Service (NewVideoPlayerUpdaterService) - Unknown owner - C:\Program Files (x86)\NewPlayer\NewVideoPlayerUpdaterService.exe
O23 - Service: PicexaService - Taiwan Shui Mu Chih Ching Technology Limited - C:\Program Files (x86)\Picexa\PicexaSvc.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VO Service component (servervo) - Unknown owner - C:\Users\Sveta\AppData\Roaming\VOPackage\VOsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - SysTool PasSame LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files (x86)\WinZipper\winzipersvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 23424 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
atieclxx
C:\Windows\system32\WLANExt.exe 18242912
\??\C:\Windows\system32\conhost.exe "800434256-198846416110345734042061700206-531033996-735794151177390520957895100
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files (x86)\Picexa\PicexaSvc.exe"
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
"C:\Program Files (x86)\WinZipper\winzipersvc.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe"
"C:\Program Files (x86)\NewPlayer\NewVideoPlayerUpdaterService.exe"
"C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Users\Sveta\AppData\Roaming\VOPackage\VOsrv.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe"
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
"C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe"
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
C:\Windows\SysWOW64\DllHost.exe /Processid:{CB45D4CA-8A34-4EF1-9957-6134E5270E83}
"C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 3944
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000004d8
"taskhost.exe"
"C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {7F03F062-C081-43FC-806B-81FE33C822FA}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\System32\alg.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe"
"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
/Device:000000a1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Apoint\Apoint.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Users\Sveta\AppData\Local\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\Apoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "-494222784267974325556490299-3223743171227867280-17448425818467864961083023441
"C:\Program Files\Apoint\Apvfb.exe"
"C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe" /Stay
"C:\Users\Sveta\AppData\Local\Mail.Ru\MailRuUpdater.exe"
"C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe" -deviceID "CN35HBSKT505RQ:NW" -scfn "HP Officejet 6700 (NET)" -AutoStart 1
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Officejet 6700\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN35HBSKT505RQ;CONNECTION=NW;MONITOR=1;
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Officejet 6700\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN35HBSKT505RQ;CONNECTION=NW;MONITOR=1;
"C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"
C:\Windows\system32\DllHost.exe /Processid:{B32DAC50-97B2-4BF7-A8DB-418294621529}
"C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe" -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Sony\VAIO Care\VCsystray.exe"
"C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=5000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata"
"C:\Program Files\Sony\VAIO Care\VCService.exe"
"C:\Program Files\Sony\VAIO Care\VCAgent.exe"
C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe"
C:\Windows\System32\vds.exe
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -scheduled -critical
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
C:\Users\Sveta\AppData\Local\Temp\nscA595.tmp /idn
"C:\Program Files (x86)\gmsd_de_436\gmsd_de_436.exe"
"C:\Users\Sveta\AppData\Local\gmsd_de_436\upgmsd_de_436.exe" -runhelper
C:\ProgramData\MailUpdate\mailUpdate.exe -service
C:\Users\Sveta\AppData\Local\Temp\nsi7914.tmp
"C:\Program Files (x86)\XTab\ProtectService.exe"
"C:\Program Files (x86)\XTab\cmdshell.exe"
HPNotify.exe -run
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe"
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe"
"C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe" http://www.luckysearches.com/?type=sc&t ... 5M7K6YTTEX
"C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="11244.0.1592653700\791474738" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,41 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.823.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=de --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group11 pct:1b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Hivemind_A2_Stable_R7_Postperiod/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group2/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_83/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=11244 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="11244.2.8234384\1884404824" /prefetch:673131151
"C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=de --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group11 pct:1b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Hivemind_A2_Stable_R7_Postperiod/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group2/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_83/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=11244 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="11244.3.152991197\2015606288" /prefetch:673131151
"C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=de --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group11 pct:1b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Hivemind_A2_Stable_R7_Postperiod/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group2/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_83/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=11244 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="11244.4.24571405\452133511" /prefetch:673131151
"C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="11244.8.471112749\1902266032" --ppapi-flash-args=enable_hw_video_decode=1 --lang=de --ignored=" --type=renderer " /prefetch:-632637702
"C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=de --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group11 pct:1b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Hivemind_A2_Stable_R7_Postperiod/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group2/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_83/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=11244 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="11244.11.1370684908\1649674054" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe14_ Global\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Sveta\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AlterGeoUpdaterS-1-5-18.job - C:\Program Files (x86)\AlterGeo\Html5 geolocation provider\html5locsvc.exe /task
C:\Windows\tasks\APSnotifierPP1.job - C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe --notifier 3A
C:\Windows\tasks\APSnotifierPP2.job - C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe --notifier 4
C:\Windows\tasks\APSnotifierPP3.job - C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe --notifier 6
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2111165262-662730761-1409148565-1000Core.job - C:\Users\Sveta\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2111165262-662730761-1409148565-1000UA.job - C:\Users\Sveta\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\WSE_Astromenda.job - C:\Users\Sveta\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE /Check

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
MuvicEngine - C:\Windows\system32\mscoree.dll [2010-11-21 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-18 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-04-30 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\progra~1\mcafee\msk\mskapbho.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
MuvicEngine - C:\Windows\system32\mscoree.dll [2010-11-21 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\XTab\SupTab.dll [2015-04-02 538208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05 453544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-18 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID-Anmelde-Hilfsprogramm - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9BFBA68E-E21B-458E-AE12-FE85E903D2C0}]
AlterGeoBHO Class - C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\npHtml5loc.dll [2014-08-01 670416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-09-22 349640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05 157616]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-09-22 349640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ae07101b-46d4-4a98-af68-0333ea26e113} - Muvic - C:\Windows\system32\mscoree.dll [2010-11-21 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-09-22 349640]
{ae07101b-46d4-4a98-af68-0333ea26e113} - Muvic - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-23 11490408]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-02-23 2179688]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-04-06 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-04-06 391704]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-04-06 418328]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2010-12-06 226672]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29 497648]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
""= []
"AdAwareTray"=C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [2015-03-10 9566192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AlterGeoUpdater"=C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\html5locsvc.exe [2014-08-01 29904]
"Google Update"=C:\Users\Sveta\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-20 116648]
"MAgent"=C:\Users\Sveta\AppData\Roaming\Mail.Ru\Agent\magent.exe [2014-09-13 36748832]
"zwazntlijdixrvy"=C:\ProgramData\zwazntli.exe []
"Elbserver"=C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [2011-04-02 83344]
"MailRuUpdater"=C:\Users\Sveta\AppData\Local\Mail.Ru\MailRuUpdater.exe [2015-04-10 6977768]
"HP Officejet 6700 (NET)"=C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Praetorian"=C:\Users\Sveta\AppData\Local\Yandex\Updater\praetorian.exe []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-01-23 31087200]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-02-26 336384]
"ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2011-02-15 2757312]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2010-09-23 38840]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2010-09-22 640440]
"PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2010-11-27 648032]
"VAIO Boot Manager"=C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe [2011-03-11 2096320]
"MAgent"=C:\Program Files (x86)\Mail.Ru\Agent\magent.exe [2012-05-30 18423360]
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe [2014-08-16 7100960]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"AlterGeoUpdater"=C:\Program Files (x86)\AlterGeo\Html5 geolocation provider\html5locsvc.exe [2012-06-06 29256]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-02-20 689744]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-08-16 152392]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-04-18 5512912]
"gmsd_de_436"=C:\Program Files (x86)\gmsd_de_436\gmsd_de_436.exe [2015-04-16 3982792]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"upgmsd_de_436.exe"=C:\Users\Sveta\AppData\Local\mbot_de_60\upgmsd_de_436.exe -runonce []

C:\Users\Sveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Tintenwarnungen überwachen - .lnk - C:\Windows\system32\RunDll32.exe
Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk - C:\Windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-04-06 385024]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CCL]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-18 11:30:26 ----D---- C:\rsit
2015-04-18 11:30:26 ----D---- C:\Program Files\trend micro
2015-04-18 11:19:33 ----D---- C:\Users\Sveta\AppData\Roaming\LavasoftStatistics
2015-04-18 11:18:45 ----D---- C:\Program Files\Lavasoft
2015-04-18 11:17:42 ----D---- C:\Users\Sveta\AppData\Roaming\Lavasoft
2015-04-18 11:17:29 ----D---- C:\Program Files\Common Files\Lavasoft
2015-04-18 11:16:15 ----D---- C:\ProgramData\Lavasoft
2015-04-18 11:12:29 ----A---- C:\momotor.txt
2015-04-18 11:12:04 ----D---- C:\Users\Sveta\AppData\Roaming\luckysearches
2015-04-18 11:11:57 ----D---- C:\ProgramData\MailUpdate
2015-04-18 11:11:56 ----D---- C:\Users\Sveta\AppData\Roaming\MailUpdate
2015-04-18 04:42:49 ----D---- C:\Windows\system32\appraiser
2015-04-18 01:58:02 ----D---- C:\Users\Sveta\AppData\Roaming\AVAST Software
2015-04-18 01:57:53 ----D---- C:\Program Files (x86)\Winsta
2015-04-18 01:57:52 ----D---- C:\Program Files (x86)\Convertor
2015-04-18 01:57:51 ----D---- C:\Users\Sveta\AppData\Roaming\PDFConvert
2015-04-18 01:57:51 ----D---- C:\Users\Sveta\AppData\Roaming\DocToPDFConverter
2015-04-18 01:56:19 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-04-18 01:56:17 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-04-18 01:56:17 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-04-18 01:56:16 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-04-18 01:56:15 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-04-18 01:56:13 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-04-18 01:56:13 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-04-18 01:56:11 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-04-18 01:56:06 ----A---- C:\Windows\system32\aswBoot.exe
2015-04-18 01:55:50 ----A---- C:\Windows\avastSS.scr
2015-04-18 01:53:48 ----D---- C:\Program Files\AVAST Software
2015-04-18 01:53:37 ----D---- C:\Program Files (x86)\gmsd_de_436
2015-04-18 01:53:05 ----D---- C:\ProgramData\AVAST Software
2015-04-18 01:27:26 ----D---- C:\ProgramData\374311380
2015-04-16 21:54:45 ----A---- C:\Windows\SYSWOW64\CCLOff.ini
2015-04-16 21:54:45 ----A---- C:\Windows\system32\CCLOff.ini
2015-04-16 21:53:20 ----A---- C:\Windows\SYSWOW64\CCL.dll
2015-04-16 21:53:09 ----D---- C:\Program Files (x86)\IGS
2015-04-16 09:25:02 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-16 09:25:02 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-16 09:25:02 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-16 09:25:02 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-16 09:25:02 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-16 09:25:02 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-16 09:25:02 ----A---- C:\Windows\system32\wuapp.exe
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wups2.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wups.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wudriver.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wucltux.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wuapi.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-16 09:24:50 ----A---- C:\Windows\system32\generaltel.dll
2015-04-16 09:24:50 ----A---- C:\Windows\system32\devinv.dll
2015-04-16 09:24:50 ----A---- C:\Windows\system32\aitstatic.exe
2015-04-16 09:24:50 ----A---- C:\Windows\system32\acmigration.dll
2015-04-16 09:24:49 ----A---- C:\Windows\system32\invagent.dll
2015-04-16 09:24:49 ----A---- C:\Windows\system32\appraiser.dll
2015-04-16 09:24:49 ----A---- C:\Windows\system32\aepic.dll
2015-04-16 09:24:49 ----A---- C:\Windows\system32\aeinv.dll
2015-04-16 09:24:47 ----A---- C:\Windows\system32\aepdu.dll
2015-04-16 09:24:45 ----A---- C:\Windows\system32\gdi32.dll
2015-04-16 09:24:44 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-16 09:24:42 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-16 09:24:42 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-16 09:24:42 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-16 09:24:42 ----A---- C:\Windows\system32\msxml3.dll
2015-04-16 09:24:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-16 09:24:00 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-16 09:24:00 ----A---- C:\Windows\system32\ntdll.dll
2015-04-16 09:24:00 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-16 09:23:59 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-16 09:23:59 ----A---- C:\Windows\system32\kernel32.dll
2015-04-16 09:23:57 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-16 09:23:57 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-16 09:23:57 ----A---- C:\Windows\system32\wow64win.dll
2015-04-16 09:23:57 ----A---- C:\Windows\system32\schannel.dll
2015-04-16 09:23:56 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-16 09:23:56 ----A---- C:\Windows\system32\wow64.dll
2015-04-16 09:23:56 ----A---- C:\Windows\system32\srcore.dll
2015-04-16 09:23:56 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-16 09:23:56 ----A---- C:\Windows\system32\conhost.exe
2015-04-16 09:23:55 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-16 09:23:55 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-16 09:23:55 ----A---- C:\Windows\system32\winsrv.dll
2015-04-16 09:23:55 ----A---- C:\Windows\system32\rstrui.exe
2015-04-16 09:23:55 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-16 09:23:55 ----A---- C:\Windows\system32\kerberos.dll
2015-04-16 09:23:55 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-16 09:23:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-16 09:23:54 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-16 09:23:54 ----A---- C:\Windows\system32\wdigest.dll
2015-04-16 09:23:54 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-16 09:23:54 ----A---- C:\Windows\system32\sspicli.dll
2015-04-16 09:23:54 ----A---- C:\Windows\system32\smss.exe
2015-04-16 09:23:54 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-16 09:23:54 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-16 09:23:53 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-16 09:23:53 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-16 09:23:53 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-16 09:23:53 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-16 09:23:53 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-16 09:23:53 ----A---- C:\Windows\system32\srclient.dll
2015-04-16 09:23:53 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-16 09:23:53 ----A---- C:\Windows\system32\lsass.exe
2015-04-16 09:23:53 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-16 09:23:53 ----A---- C:\Windows\system32\auditpol.exe
2015-04-16 09:23:52 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-16 09:23:52 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-16 09:23:52 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-16 09:23:52 ----A---- C:\Windows\system32\secur32.dll
2015-04-16 09:23:52 ----A---- C:\Windows\system32\credssp.dll
2015-04-16 09:23:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:23:51 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:23:51 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:23:51 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-16 09:23:51 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-16 09:23:51 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-16 09:23:51 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-16 09:23:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:23:50 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:23:50 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:23:50 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:23:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:23:47 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-16 09:23:47 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-16 09:23:47 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-16 09:23:47 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-16 09:23:46 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-16 09:23:46 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-16 09:23:46 ----A---- C:\Windows\system32\msaudite.dll
2015-04-16 09:23:46 ----A---- C:\Windows\system32\adtschema.dll
2015-04-16 09:23:45 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-16 09:23:45 ----A---- C:\Windows\system32\msobjs.dll
2015-04-16 09:23:19 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-16 09:23:07 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-16 09:23:06 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-16 09:23:06 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-16 09:23:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-16 09:23:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-16 09:23:04 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-16 09:23:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-16 09:23:02 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-16 09:23:02 ----A---- C:\Windows\system32\iernonce.dll
2015-04-16 09:23:02 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-16 09:23:01 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-16 09:23:01 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-16 09:23:01 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-16 09:23:01 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-16 09:23:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-16 09:22:57 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-16 09:22:57 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-16 09:22:57 ----A---- C:\Windows\system32\urlmon.dll
2015-04-16 09:22:57 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-16 09:22:56 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-16 09:22:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-16 09:22:56 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-16 09:22:56 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-16 09:22:56 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-16 09:22:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-16 09:22:55 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-16 09:22:55 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-16 09:22:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-16 09:22:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-16 09:22:54 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-16 09:22:53 ----A---- C:\Windows\system32\iesetup.dll
2015-04-16 09:22:53 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-16 09:22:52 ----A---- C:\Windows\system32\iertutil.dll
2015-04-16 09:22:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-16 09:22:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-16 09:22:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-16 09:22:50 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-16 09:22:50 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-16 09:22:50 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-16 09:22:48 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-16 09:22:47 ----A---- C:\Windows\system32\ieui.dll
2015-04-16 09:22:47 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-16 09:22:46 ----A---- C:\Windows\system32\ieframe.dll
2015-04-16 09:22:45 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-16 09:22:45 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-16 09:22:45 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-16 09:22:44 ----A---- C:\Windows\system32\vbscript.dll
2015-04-16 09:22:44 ----A---- C:\Windows\system32\jscript9.dll
2015-04-16 09:22:43 ----A---- C:\Windows\system32\wininet.dll
2015-04-16 09:22:40 ----A---- C:\Windows\system32\msrating.dll
2015-04-16 09:22:40 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-16 09:22:39 ----A---- C:\Windows\system32\mshtml.dll
2015-04-16 09:22:05 ----A---- C:\Windows\system32\clfs.sys
2015-04-16 09:22:04 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-16 09:22:04 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-08 03:02:22 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-08 03:02:21 ----SD---- C:\Windows\system32\GWX
2015-04-01 13:36:37 ----D---- C:\Users\Sveta\AppData\Roaming\Picexa Viewer
2015-04-01 13:36:37 ----D---- C:\Program Files (x86)\Picexa

======List of files/folders modified in the last 1 month======

2015-04-18 11:30:31 ----D---- C:\Windows\Temp
2015-04-18 11:30:26 ----RD---- C:\Program Files
2015-04-18 11:19:29 ----SHD---- C:\Windows\Installer
2015-04-18 11:18:49 ----D---- C:\Windows\system32\drivers
2015-04-18 11:17:29 ----D---- C:\Program Files\Common Files
2015-04-18 11:16:56 ----SHD---- C:\System Volume Information
2015-04-18 11:16:15 ----HD---- C:\ProgramData
2015-04-18 11:13:40 ----D---- C:\Program Files (x86)\XTab
2015-04-18 11:13:34 ----D---- C:\Windows\SysWOW64
2015-04-18 10:59:25 ----D---- C:\Windows\system32\config
2015-04-18 10:49:03 ----D---- C:\Users\Sveta\AppData\Roaming\Skype
2015-04-18 10:43:47 ----A---- C:\Windows\SYSWOW64\log.txt
2015-04-18 10:40:28 ----D---- C:\Program Files (x86)\WinZipper
2015-04-18 05:00:50 ----D---- C:\Windows\Microsoft.NET
2015-04-18 04:58:13 ----RSD---- C:\Windows\assembly
2015-04-18 04:48:21 ----D---- C:\Windows\winsxs
2015-04-18 04:42:52 ----D---- C:\Windows\SYSWOW64\de-DE
2015-04-18 04:42:51 ----D---- C:\Windows\system32\de-DE
2015-04-18 04:42:51 ----D---- C:\Windows\System32
2015-04-18 04:42:51 ----D---- C:\Windows\PolicyDefinitions
2015-04-18 04:42:50 ----SD---- C:\Windows\system32\CompatTel
2015-04-18 04:42:50 ----D---- C:\Windows\AppCompat
2015-04-18 04:42:49 ----D---- C:\Windows\system32\wbem
2015-04-18 04:42:48 ----SD---- C:\ProgramData\Microsoft
2015-04-18 04:42:48 ----D---- C:\Windows\AppPatch
2015-04-18 04:42:34 ----D---- C:\Program Files\Internet Explorer
2015-04-18 04:42:31 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-18 04:42:30 ----D---- C:\Windows\system32\en-US
2015-04-18 04:42:28 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-18 04:38:33 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-18 04:38:26 ----D---- C:\Windows\inf
2015-04-18 04:38:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-18 04:35:34 ----D---- C:\Windows\system32\MRT
2015-04-18 04:25:18 ----D---- C:\Windows\debug
2015-04-18 04:25:11 ----A---- C:\Windows\system32\MRT.exe
2015-04-18 04:17:16 ----D---- C:\Program Files (x86)\Microsoft
2015-04-18 02:21:48 ----D---- C:\Program Files (x86)\gmsd_de_251
2015-04-18 02:21:15 ----D---- C:\Program Files (x86)\QuickRef_1.10.0.9
2015-04-18 02:21:06 ----D---- C:\Program Files (x86)\NewPlayer
2015-04-18 02:19:31 ----D---- C:\Program Files (x86)\ver7Re-Markable
2015-04-18 02:19:30 ----D---- C:\Program Files (x86)\SupTab
2015-04-18 02:00:11 ----D---- C:\Windows\Tasks
2015-04-18 02:00:11 ----D---- C:\Windows\system32\Tasks
2015-04-18 01:59:49 ----D---- C:\Program Files (x86)\AnyProtectEx
2015-04-18 01:57:53 ----D---- C:\Program Files (x86)
2015-04-18 01:56:03 ----D---- C:\Windows
2015-04-18 01:55:09 ----D---- C:\Users\Sveta\AppData\Roaming\istartsurf
2015-04-18 01:42:06 ----D---- C:\ProgramData\Avira
2015-04-18 01:42:04 ----D---- C:\Program Files (x86)\Avira
2015-04-18 01:27:40 ----D---- C:\Program Files (x86)\Optimizer Pro
2015-04-18 01:15:45 ----D---- C:\Users\Sveta\AppData\Roaming\Gameo
2015-04-18 01:05:54 ----D---- C:\Windows\Prefetch
2015-04-16 22:35:12 ----D---- C:\Windows\system32\DriverStore
2015-04-16 22:08:09 ----D---- C:\Windows\Minidump
2015-04-16 17:21:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-16 09:20:53 ----D---- C:\Windows\system32\catroot2
2015-04-08 03:02:38 ----D---- C:\Windows\Logs
2015-04-01 13:33:56 ----D---- C:\ProgramData\WindowsMangerProtect

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-18 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-18 271200]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2011-03-18 438808]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-18 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-18 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-04-18 442264]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-19 131576]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-11-25 28600]
R1 qrnfd_1_10_0_9;qrnfd_1_10_0_9; C:\Windows\system32\drivers\qrnfd_1_10_0_9.sys [2015-02-06 58224]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-18 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-18 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-18 136752]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-19 108440]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-06 9079808]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-06 299520]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\drivers\Apfiltr.sys [2010-12-06 316024]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-02-23 2520936]
R3 IntcDAud;Intel(R) Display-Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-04-06 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-04-06 12273408]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2011-03-08 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 7 64-Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-01-04 8507392]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2011-02-24 82432]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2011-02-24 181760]
R3 RRNetCapMP;RRNetCapMP; C:\Windows\system32\DRIVERS\rrnetcap.sys [2012-03-20 37480]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-01-30 425064]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2010-04-26 12032]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 StillCam;Treiber für serielle Digitalkamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 tbhsd;Audials Sound Capturing; C:\Windows\system32\drivers\tbhsd.sys [2012-03-20 47208]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 iSafeKrnlMon;YAC Monitor Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BthEnum;Bluetooth-Anforderungsblocktreiber; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2011-04-06 344616]
S3 btwaudio;Bluetooth-Audiogerät; C:\Windows\system32\drivers\btwaudio.sys [2011-04-06 102952]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2011-04-06 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-04-06 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2011-04-06 21544]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys []
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2012-09-10 22528]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RRNetCap;RRNetCap Service; C:\Windows\system32\DRIVERS\rrnetcap.sys [2012-03-20 37480]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-18 329832]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SPPD;SPPD; \??\C:\Windows\system32\drivers\SPPD.sys []
S3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2015-01-22 452040]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;USB-RNDIS-Adapter; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9; C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-06 203776]
R2 AntiVirSchedulerService;Avira Planer; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-02-20 440400]
R2 AntiVirService;Avira Echtzeit-Scanner; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-02-20 440400]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-18 343336]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 Bonjour Service;Dienst "Bonjour"; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-01-05 1515792]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe [2014-08-16 7100960]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
R2 IHProtect Service;IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [2015-04-02 158816]
R2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [2015-03-10 720760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-03-08 326168]
R2 mailUpdate;mail update Service; C:\ProgramData\MailUpdate\mailUpdate.exe [2015-03-12 777728]
R2 NewVideoPlayerUpdaterService;NewVideoPlayer Updater Service; C:\Program Files (x86)\NewPlayer\NewVideoPlayerUpdaterService.exe [2014-08-12 11776]
R2 PicexaService;PicexaService; C:\Program Files (x86)\Picexa\PicexaSvc.exe [2015-03-26 396984]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-01-05 836880]
R2 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
R2 servervo;VO Service component; C:\Users\Sveta\AppData\Roaming\VOPackage\VOsrv.exe [2014-09-07 71680]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 SOHCImp;VAIO Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-03-08 2656280]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2011-03-05 64704]
R2 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2011-02-14 550080]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-02-18 546608]
R2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2011-03-29 852160]
R3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2013-08-16 641352]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
R3 SOHDs;VAIO Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
R3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S2 AntiVirWebService;Avira Browser-Schutz; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2014-02-20 1017424]
S2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-16 268464]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-04-30 651720]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 340240]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
S4 LPTSystemUpdater;LPT System Updater Service; C:\Program Files (x86)\LPT\srpts.exe [2014-08-27 34328]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119359
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu, PC znecisteny haveti

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve >Scan< a potom na >Clean< (smazat)
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
jarda02
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 10 čer 2005 11:19

Re: Kontrola logu, PC znecisteny haveti

#3 Příspěvek od jarda02 »

Provedeno a zde je pozadovany log:

# AdwCleaner v4.201 - Bericht erstellt 18/04/2015 um 20:57:42
# Aktualisiert 08/04/2015 von Xplode
# Datenbank : 2015-04-18.3 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Sveta - SVETA-VAIO
# Gestarted von : C:\Users\Sveta\Downloads\adwcleaner_4.201.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : Guard.Mail.ru
Dienst Gelöscht : iSafeKrnlMon
[#] Dienst Gelöscht : NewVideoPlayerUpdaterService
[#] Dienst Gelöscht : servervo
[#] Dienst Gelöscht : SPPD
Dienst Gelöscht : webinstr
[#] Dienst Gelöscht : winzipersvc
[#] Dienst Gelöscht : PicexaService

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\374311380
Ordner Gelöscht : C:\ProgramData\AlterGeo
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\IePluginServices
Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect
Ordner Gelöscht : C:\ProgramData\MailUpdate
Ordner Gelöscht : C:\ProgramData\IHProtectUpDate
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mail.Ru
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyBestOffersToday
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picexa
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
Ordner Gelöscht : C:\Program Files (x86)\AlterGeo
Ordner Gelöscht : C:\Program Files (x86)\AnyProtectEx
Ordner Gelöscht : C:\Program Files (x86)\LPT
Ordner Gelöscht : C:\Program Files (x86)\Mail.Ru
Ordner Gelöscht : C:\Program Files (x86)\SearchProtect
Ordner Gelöscht : C:\Program Files (x86)\Softonic
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Program Files (x86)\Wajam
Ordner Gelöscht : C:\Program Files (x86)\WinZipper
Ordner Gelöscht : C:\Program Files (x86)\XTab
Ordner Gelöscht : C:\Program Files (x86)\QuickRef_1.10.0.9
Ordner Gelöscht : C:\Program Files (x86)\Convertor
Ordner Gelöscht : C:\Program Files (x86)\Picexa
Ordner Gelöscht : C:\Program Files (x86)\NewPlayer
Ordner Gelöscht : C:\Program Files (x86)\ver7Re-Markable
Ordner Gelöscht : C:\Program Files (x86)\Winsta
Ordner Gelöscht : C:\Program Files (x86)\gmsd_de_251
Ordner Gelöscht : C:\Program Files (x86)\gmsd_de_436
Ordner Gelöscht : C:\Program Files (x86)\mbot_de_60
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro
Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\AnyProtectEx
Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Sveta\SupTab
Ordner Gelöscht : C:\Users\Sveta\AppData\Local\apn
Ordner Gelöscht : C:\Users\Sveta\AppData\Local\Astromenda
Ordner Gelöscht : C:\Users\Sveta\AppData\Local\Gameo
Ordner Gelöscht : C:\Users\Sveta\AppData\Local\LPT
Ordner Gelöscht : C:\Users\Sveta\AppData\Local\Mail.Ru
Ordner Gelöscht : C:\Users\Sveta\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Sveta\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\Sveta\AppData\Local\SmartWeb
Ordner Gelöscht : C:\Users\Sveta\AppData\Local\NewPlayer
Ordner Gelöscht : C:\Users\Sveta\AppData\Local\gmsd_de_251
Ordner Gelöscht : C:\Users\Sveta\AppData\Local\gmsd_de_436
Ordner Gelöscht : C:\Users\Sveta\AppData\Local\mbot_de_60
Ordner Gelöscht : C:\Users\Sveta\AppData\LocalLow\Mail.Ru
Ordner Gelöscht : C:\Users\Sveta\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\Sveta\AppData\LocalLow\SmartWeb
Ordner Gelöscht : C:\Users\Sveta\AppData\Roaming\AnyProtectEx
Ordner Gelöscht : C:\Users\Sveta\AppData\Roaming\ap_logs
Ordner Gelöscht : C:\Users\Sveta\AppData\Roaming\Astromenda
Ordner Gelöscht : C:\Users\Sveta\AppData\Roaming\Gameo
Ordner Gelöscht : C:\Users\Sveta\AppData\Roaming\Mail.Ru
Ordner Gelöscht : C:\Users\Sveta\AppData\Roaming\VOPackage
Ordner Gelöscht : C:\Users\Sveta\AppData\Roaming\WinZipper
Ordner Gelöscht : C:\Users\Sveta\AppData\Roaming\wse_astromenda
Ordner Gelöscht : C:\Users\Sveta\AppData\Roaming\MailUpdate
Ordner Gelöscht : C:\Users\Sveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
Ordner Gelöscht : C:\Users\Sveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mail.Ru
Ordner Gelöscht : C:\Users\Sveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Ordner Gelöscht : C:\Users\Sveta\Documents\Optimizer Pro
[!] Ordner Gelöscht : C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx
Datei Gelöscht : C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nkcpopggjcjkiicpenikeogioednjeac_0.localstorage
Datei Gelöscht : C:\Users\Sveta\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_nkcpopggjcjkiicpenikeogioednjeac_0.localstorage
Datei Gelöscht : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Datei Gelöscht : C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb
Datei Gelöscht : C:\Users\Sveta\AppData\Local\Temp\Uninstall.exe
Datei Gelöscht : C:\Windows\System32\log\iSafeKrnlCall.log
Datei Gelöscht : C:\Windows\System32\drivers\webinstr.sys
Datei Gelöscht : C:\Users\Sveta\AppData\Roaming\aps.scan.quick.results
Datei Gelöscht : C:\Users\Sveta\AppData\Roaming\aps.scan.results
Datei Gelöscht : C:\Users\Sveta\AppData\Roaming\aps.uninstall.scan.results
Datei Gelöscht : C:\Users\Sveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
Datei Gelöscht : C:\Users\Sveta\Desktop\AnyProtect.lnk
Datei Gelöscht : C:\Users\Sveta\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\user.js
Datei Gelöscht : C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
Datei Gelöscht : C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_de.ask.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.istartsurf.com_0.localstorage
Datei Gelöscht : C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.istartsurf.com_0.localstorage-journal
Datei Gelöscht : C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.luckysearches.com_0.localstorage
Datei Gelöscht : C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.luckysearches.com_0.localstorage-journal

***** [ Geplante Tasks ] *****

Task Gelöscht : APSnotifierPP1
Task Gelöscht : APSnotifierPP2
Task Gelöscht : APSnotifierPP3
Task Gelöscht : Convertor
Task Gelöscht : LaunchSignup
Task Gelöscht : WinKit
Task Gelöscht : WSE_Astromenda
Task Gelöscht : Winsta Update

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{18356501-9030-57E7-FD9A-74A76D010E25}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\nhgcieglcpdegkhamigiokdphfhhnlhh
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Softonic.dskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\WINDOWS\CURRENTVERSION\APP PATHS\PennyBee.exe
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [gmsd_de_436]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\HomeTab
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\MyBestOffersToday
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\SupHpUISoft
Schlüssel Gelöscht : HKCU\Software\Tutorials
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\V9
Schlüssel Gelöscht : HKCU\Software\Wajam
Schlüssel Gelöscht : HKCU\Software\gameo
Schlüssel Gelöscht : HKCU\Software\TNT2
Schlüssel Gelöscht : HKCU\Software\WajIntEnhance
Schlüssel Gelöscht : HKCU\Software\SearchProtectWS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawarebp
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Re_Markable
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartWeb
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\delta-homesSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\DeviceVM
Schlüssel Gelöscht : HKLM\SOFTWARE\hdcode
Schlüssel Gelöscht : HKLM\SOFTWARE\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\istartsurfSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\MyBestOffersToday
Schlüssel Gelöscht : HKLM\SOFTWARE\NewPlayer
Schlüssel Gelöscht : HKLM\SOFTWARE\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\SupTab
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\supWPM
Schlüssel Gelöscht : HKLM\SOFTWARE\Tutorials
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\V9
Schlüssel Gelöscht : HKLM\SOFTWARE\Wajam
Schlüssel Gelöscht : HKLM\SOFTWARE\winzipersvc
Schlüssel Gelöscht : HKLM\SOFTWARE\GAMESDESKTOP
Schlüssel Gelöscht : HKLM\SOFTWARE\IHProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\SPPDCOM
Schlüssel Gelöscht : HKLM\SOFTWARE\WajIntEnhance
Schlüssel Gelöscht : HKLM\SOFTWARE\QuickRef_1.10.0.9
Schlüssel Gelöscht : HKLM\SOFTWARE\SpeedBit
Schlüssel Gelöscht : HKLM\SOFTWARE\luckysearchesSoftware
Schlüssel Gelöscht : HKU\.DEFAULT\Software\AnyProtect
Schlüssel Gelöscht : HKU\.DEFAULT\Software\PennyBee
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MailRuUpdater
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewPlayer
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\igsc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_de_251_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_de_436_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mbot_de_60_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DeviceVM
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:54896;hxxps=127.0.0.1:54896
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17728

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v


-\\ Google Chrome v

[C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_cmi_14_36_ch&cd=2XzuyEtN2Y1L1Qzu0FtD0B0FzyyByD0DtCzy0BtCyEtCtCyCtN0D0Tzu0SzyzztCtN1L2XzutAtFtBtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyC0EtAtAzy0BtBtGzztAzytDtGtDtC0A0FtGyE0B0BtDtGtBzyyEtByB0AyDtD0D0F0C0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyB0FtC0FyDtCyBtGyCyCtBzztGyEtCyDyEtG0A0CtAtCtGyDyB0Ezzzz0ByE0EtCyB0CyB2Q&cr=1396965784&ir=
[C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1418820330&from=wpm12173&uid=HitachiXHTS545050B9SA00_110413PBN475M7K6YTTEX&q={searchTerms}
[C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.istartsurf.com/web/?type=dspp&ts=14 ... earchTerms}
[C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1421836517&fr ... Y5LmNvbQ==
[C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.v9.com/web?type=ds&ts=1421836517&fr ... Y5LmNvbQ==
[C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1429 ... earchTerms}
[C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.luckysearches.com/web/?type=dspp&ts ... earchTerms}
[C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.luckysearches.com/web/?type=dspp&ts ... earchTerms}
[C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : aaaaabfjnbeinlpljodiajipidiompfl
[C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma
[C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : pfkfdlcdbajamklbneflfbcmfgddmpae
[C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : noajmlkipclmeolfcnflkjhijkigpfjh
[C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : nhgcieglcpdegkhamigiokdphfhhnlhh
[C:\Users\Sveta\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Default_Search_Provider_Data] : {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}{google:contextualSearchVersion}ie={inputEncoding}",
"usage_count": 0
}
},
"extensions": {
"settings": {
"aaaaabfjnbeinlpljodiajipidiompfl": {
"active_permissions": {
"api": [ "management", "nativeMessaging", "storage", "tabs" ],
"explicit_host": [ "hxxp://*/*", "hxxps://*/*" ],
"manifest_permissions": [ ],
"scriptable_host": [ "*://*.ask.com/

-\\ Chromium v


-\\ Comodo Dragon v


*************************

AdwCleaner[R0].txt - [30923 Bytes] - [18/04/2015 20:54:16]
AdwCleaner[S0].txt - [28379 Bytes] - [18/04/2015 20:57:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [28439 Bytes] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119359
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu, PC znecisteny haveti

#4 Příspěvek od Rudy »

Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
jarda02
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 10 čer 2005 11:19

Re: Kontrola logu, PC znecisteny haveti

#5 Příspěvek od jarda02 »

Zde:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Sveta at 2015-04-18 23:06:47
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 377 GB (82%) free of 459 GB
Total RAM: 4012 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:06:53, on 18.04.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Sveta.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.eu/vaioportal
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.mail.ru/?ieverfix=1&fr=ieverfix_sg
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Html5 geolocation provider - {9BFBA68E-E21B-458E-AE12-FE85E903D2C0} - C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\npHtml5loc.dll (file missing)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [VAIO Boot Manager] "C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe"
O4 - HKLM\..\Run: [MAgent] C:\Program Files (x86)\Mail.Ru\Agent\magent.exe -LM
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe" /gui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AlterGeoUpdater] C:\Program Files (x86)\AlterGeo\Html5 geolocation provider\html5locsvc.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [AlterGeoUpdater] C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\html5locsvc.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Sveta\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MAgent] C:\Users\Sveta\AppData\Roaming\Mail.Ru\Agent\magent.exe -CU
O4 - HKCU\..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe /Stay
O4 - HKCU\..\Run: [MailRuUpdater] C:\Users\Sveta\AppData\Local\Mail.Ru\MailRuUpdater.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [AlterGeoUpdater] C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\html5locsvc.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AlterGeoUpdater] C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\html5locsvc.exe (User 'Default user')
O4 - Startup: Tintenwarnungen überwachen - .lnk = ?
O4 - Startup: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files (x86)\Mail.Ru\Agent\magent.exe (file missing)
O9 - Extra 'Tools' menuitem: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files (x86)\Mail.Ru\Agent\magent.exe (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Users\Sveta\AppData\Roaming\Mail.Ru\Agent\magent.exe (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Users\Sveta\AppData\Roaming\Mail.Ru\Agent\magent.exe (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{4F5033D5-5427-46EB-8ECD-440AEBEA6B1F}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit-Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Browser-Schutz (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17623 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 17174944
\??\C:\Windows\system32\conhost.exe "-13512725812340120581565803385-1070926463-2143896100-1486256833-650044036-1929336291
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Explorer.EXE
taskeng.exe {4DD49D7A-D428-4DF3-89F7-46DDF22C9BC3}
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe"
"C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Apoint\Apoint.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe"
"C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe" /Stay
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Officejet 6700\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN35HBSKT505RQ;CONNECTION=NW;MONITOR=1;
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Officejet 6700\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN35HBSKT505RQ;CONNECTION=NW;MONITOR=1;
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe"
"C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe"
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe"
C:\Windows\system32\DllHost.exe /Processid:{B32DAC50-97B2-4BF7-A8DB-418294621529}
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000074c
"C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe"
"C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe" -Embedding
C:\Windows\SysWOW64\DllHost.exe /Processid:{CB45D4CA-8A34-4EF1-9957-6134E5270E83}
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 4628
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
/Device:000000a1
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\alg.exe
"C:\Program Files\Apoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "-5926766119583275241483304782-187593053312796868231946853734176968231357033698
"C:\Program Files\Apoint\Apvfb.exe"
"C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe" -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Sony\VAIO Care\VCsystray.exe"
"C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe"
"C:\Program Files\Sony\VAIO Care\VCService.exe"
"C:\Program Files\Sony\VAIO Care\VCAgent.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\System32\vds.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=5000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata"
C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe"
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8100.0.995997719\157298786" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,41 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.823.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=de --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group11 pct:1b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Hivemind_A2_Stable_R7_Postperiod/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group2/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_83/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=8100 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="8100.2.1492446504\163915883" /prefetch:673131151
"C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=de --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group11 pct:1b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Hivemind_A2_Stable_R7_Postperiod/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group2/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_83/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=8100 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="8100.6.884032411\1967984582" /prefetch:673131151

"C:\Users\Sveta\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AlterGeoUpdaterS-1-5-18.job - C:\Program Files (x86)\AlterGeo\Html5 geolocation provider\html5locsvc.exe /task
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2111165262-662730761-1409148565-1000Core.job - C:\Users\Sveta\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2111165262-662730761-1409148565-1000UA.job - C:\Users\Sveta\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-18 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-04-30 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-18 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID-Anmelde-Hilfsprogramm - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9BFBA68E-E21B-458E-AE12-FE85E903D2C0}]
AlterGeoBHO Class - C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\npHtml5loc.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-23 11490408]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-02-23 2179688]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-04-06 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-04-06 391704]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-04-06 418328]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2010-12-06 226672]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29 497648]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
""= []
"AdAwareTray"=C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [2015-03-10 9566192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AlterGeoUpdater"=C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\html5locsvc.exe []
"Google Update"=C:\Users\Sveta\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-20 116648]
"MAgent"=C:\Users\Sveta\AppData\Roaming\Mail.Ru\Agent\magent.exe -CU []
"Elbserver"=C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [2011-04-02 83344]
"MailRuUpdater"=C:\Users\Sveta\AppData\Local\Mail.Ru\MailRuUpdater.exe []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-01-23 31087200]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-02-26 336384]
"ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2011-02-15 2757312]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2013-05-08 44128]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2013-05-08 642664]
"PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2010-11-27 648032]
"VAIO Boot Manager"=C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe [2011-03-11 2096320]
"MAgent"=C:\Program Files (x86)\Mail.Ru\Agent\magent.exe -LM []
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe /gui []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"AlterGeoUpdater"=C:\Program Files (x86)\AlterGeo\Html5 geolocation provider\html5locsvc.exe []
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-02-20 689744]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-08-16 152392]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-04-18 5512912]

C:\Users\Sveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Tintenwarnungen überwachen - .lnk - C:\Windows\system32\RunDll32.exe
Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk - C:\Windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-04-06 385024]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CCL]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Windows\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2015-04-18 22:47:39 ----D---- C:\Fotos_Jarek
2015-04-18 22:12:51 ----RA---- C:\Windows\system32\AdobePDFUI.dll
2015-04-18 22:10:05 ----D---- C:\_AcroTemp
2015-04-18 20:53:30 ----D---- C:\AdwCleaner
2015-04-18 15:58:04 ----A---- C:\autoexec.bat
2015-04-18 15:56:23 ----D---- C:\Program Files\Enigma Software Group
2015-04-18 11:30:26 ----D---- C:\rsit
2015-04-18 11:30:26 ----D---- C:\Program Files\trend micro
2015-04-18 11:19:33 ----D---- C:\Users\Sveta\AppData\Roaming\LavasoftStatistics
2015-04-18 11:18:45 ----D---- C:\Program Files\Lavasoft
2015-04-18 11:17:42 ----D---- C:\Users\Sveta\AppData\Roaming\Lavasoft
2015-04-18 11:17:29 ----D---- C:\Program Files\Common Files\Lavasoft
2015-04-18 11:16:15 ----D---- C:\ProgramData\Lavasoft
2015-04-18 11:12:29 ----A---- C:\momotor.txt
2015-04-18 04:42:49 ----D---- C:\Windows\system32\appraiser
2015-04-18 01:58:02 ----D---- C:\Users\Sveta\AppData\Roaming\AVAST Software
2015-04-18 01:57:51 ----D---- C:\Users\Sveta\AppData\Roaming\PDFConvert
2015-04-18 01:57:51 ----D---- C:\Users\Sveta\AppData\Roaming\DocToPDFConverter
2015-04-18 01:56:19 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-04-18 01:56:17 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-04-18 01:56:17 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-04-18 01:56:16 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-04-18 01:56:15 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-04-18 01:56:13 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-04-18 01:56:13 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-04-18 01:56:11 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-04-18 01:56:06 ----A---- C:\Windows\system32\aswBoot.exe
2015-04-18 01:55:50 ----A---- C:\Windows\avastSS.scr
2015-04-18 01:53:48 ----D---- C:\Program Files\AVAST Software
2015-04-18 01:53:05 ----D---- C:\ProgramData\AVAST Software
2015-04-16 21:54:45 ----A---- C:\Windows\SYSWOW64\CCLOff.ini
2015-04-16 21:54:45 ----A---- C:\Windows\system32\CCLOff.ini
2015-04-16 21:53:20 ----A---- C:\Windows\SYSWOW64\CCL.dll
2015-04-16 09:25:02 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-16 09:25:02 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-16 09:25:02 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-16 09:25:02 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-16 09:25:02 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-16 09:25:02 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-16 09:25:02 ----A---- C:\Windows\system32\wuapp.exe
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wups2.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wups.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wudriver.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wucltux.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wuapi.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-16 09:24:50 ----A---- C:\Windows\system32\generaltel.dll
2015-04-16 09:24:50 ----A---- C:\Windows\system32\devinv.dll
2015-04-16 09:24:50 ----A---- C:\Windows\system32\aitstatic.exe
2015-04-16 09:24:50 ----A---- C:\Windows\system32\acmigration.dll
2015-04-16 09:24:49 ----A---- C:\Windows\system32\invagent.dll
2015-04-16 09:24:49 ----A---- C:\Windows\system32\appraiser.dll
2015-04-16 09:24:49 ----A---- C:\Windows\system32\aepic.dll
2015-04-16 09:24:49 ----A---- C:\Windows\system32\aeinv.dll
2015-04-16 09:24:47 ----A---- C:\Windows\system32\aepdu.dll
2015-04-16 09:24:45 ----A---- C:\Windows\system32\gdi32.dll
2015-04-16 09:24:44 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-16 09:24:42 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-16 09:24:42 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-16 09:24:42 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-16 09:24:42 ----A---- C:\Windows\system32\msxml3.dll
2015-04-16 09:24:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-16 09:24:00 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-16 09:24:00 ----A---- C:\Windows\system32\ntdll.dll
2015-04-16 09:24:00 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-16 09:23:59 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-16 09:23:59 ----A---- C:\Windows\system32\kernel32.dll
2015-04-16 09:23:57 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-16 09:23:57 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-16 09:23:57 ----A---- C:\Windows\system32\wow64win.dll
2015-04-16 09:23:57 ----A---- C:\Windows\system32\schannel.dll
2015-04-16 09:23:56 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-16 09:23:56 ----A---- C:\Windows\system32\wow64.dll
2015-04-16 09:23:56 ----A---- C:\Windows\system32\srcore.dll
2015-04-16 09:23:56 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-16 09:23:56 ----A---- C:\Windows\system32\conhost.exe
2015-04-16 09:23:55 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-16 09:23:55 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-16 09:23:55 ----A---- C:\Windows\system32\winsrv.dll
2015-04-16 09:23:55 ----A---- C:\Windows\system32\rstrui.exe
2015-04-16 09:23:55 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-16 09:23:55 ----A---- C:\Windows\system32\kerberos.dll
2015-04-16 09:23:55 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-16 09:23:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-16 09:23:54 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-16 09:23:54 ----A---- C:\Windows\system32\wdigest.dll
2015-04-16 09:23:54 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-16 09:23:54 ----A---- C:\Windows\system32\sspicli.dll
2015-04-16 09:23:54 ----A---- C:\Windows\system32\smss.exe
2015-04-16 09:23:54 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-16 09:23:54 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-16 09:23:53 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-16 09:23:53 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-16 09:23:53 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-16 09:23:53 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-16 09:23:53 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-16 09:23:53 ----A---- C:\Windows\system32\srclient.dll
2015-04-16 09:23:53 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-16 09:23:53 ----A---- C:\Windows\system32\lsass.exe
2015-04-16 09:23:53 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-16 09:23:53 ----A---- C:\Windows\system32\auditpol.exe
2015-04-16 09:23:52 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-16 09:23:52 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-16 09:23:52 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-16 09:23:52 ----A---- C:\Windows\system32\secur32.dll
2015-04-16 09:23:52 ----A---- C:\Windows\system32\credssp.dll
2015-04-16 09:23:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:23:51 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:23:51 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:23:51 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-16 09:23:51 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-16 09:23:51 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-16 09:23:51 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-16 09:23:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:23:50 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:23:50 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:23:50 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:23:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:23:47 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-16 09:23:47 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-16 09:23:47 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-16 09:23:47 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-16 09:23:46 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-16 09:23:46 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-16 09:23:46 ----A---- C:\Windows\system32\msaudite.dll
2015-04-16 09:23:46 ----A---- C:\Windows\system32\adtschema.dll
2015-04-16 09:23:45 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-16 09:23:45 ----A---- C:\Windows\system32\msobjs.dll
2015-04-16 09:23:19 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-16 09:23:07 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-16 09:23:06 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-16 09:23:06 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-16 09:23:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-16 09:23:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-16 09:23:04 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-16 09:23:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-16 09:23:02 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-16 09:23:02 ----A---- C:\Windows\system32\iernonce.dll
2015-04-16 09:23:02 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-16 09:23:01 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-16 09:23:01 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-16 09:23:01 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-16 09:23:01 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-16 09:23:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-16 09:22:57 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-16 09:22:57 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-16 09:22:57 ----A---- C:\Windows\system32\urlmon.dll
2015-04-16 09:22:57 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-16 09:22:56 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-16 09:22:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-16 09:22:56 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-16 09:22:56 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-16 09:22:56 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-16 09:22:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-16 09:22:55 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-16 09:22:55 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-16 09:22:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-16 09:22:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-16 09:22:54 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-16 09:22:53 ----A---- C:\Windows\system32\iesetup.dll
2015-04-16 09:22:53 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-16 09:22:52 ----A---- C:\Windows\system32\iertutil.dll
2015-04-16 09:22:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-16 09:22:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-16 09:22:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-16 09:22:50 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-16 09:22:50 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-16 09:22:50 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-16 09:22:48 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-16 09:22:47 ----A---- C:\Windows\system32\ieui.dll
2015-04-16 09:22:47 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-16 09:22:46 ----A---- C:\Windows\system32\ieframe.dll
2015-04-16 09:22:45 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-16 09:22:45 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-16 09:22:45 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-16 09:22:44 ----A---- C:\Windows\system32\vbscript.dll
2015-04-16 09:22:44 ----A---- C:\Windows\system32\jscript9.dll
2015-04-16 09:22:43 ----A---- C:\Windows\system32\wininet.dll
2015-04-16 09:22:40 ----A---- C:\Windows\system32\msrating.dll
2015-04-16 09:22:40 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-16 09:22:39 ----A---- C:\Windows\system32\mshtml.dll
2015-04-16 09:22:05 ----A---- C:\Windows\system32\clfs.sys
2015-04-16 09:22:04 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-16 09:22:04 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-08 03:02:22 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-08 03:02:21 ----SD---- C:\Windows\system32\GWX
2015-04-01 13:36:37 ----D---- C:\Users\Sveta\AppData\Roaming\Picexa Viewer

======List of files/folders modified in the last 1 month======

2015-04-18 23:06:53 ----D---- C:\Windows\Temp
2015-04-18 22:58:12 ----SD---- C:\Users\Sveta\AppData\Roaming\Microsoft
2015-04-18 22:49:43 ----D---- C:\Windows\System32
2015-04-18 22:49:43 ----D---- C:\Windows\inf
2015-04-18 22:49:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-18 22:39:41 ----D---- C:\Windows\system32\config
2015-04-18 22:22:44 ----A---- C:\Windows\SYSWOW64\log.txt
2015-04-18 22:22:33 ----D---- C:\Users\Sveta\AppData\Roaming\Skype
2015-04-18 22:13:57 ----SHD---- C:\Windows\Installer
2015-04-18 22:08:08 ----D---- C:\Windows\SysWOW64
2015-04-18 21:00:17 ----D---- C:\Windows\Tasks
2015-04-18 21:00:17 ----D---- C:\Windows\system32\Tasks
2015-04-18 21:00:15 ----D---- C:\Windows\system32\log
2015-04-18 21:00:15 ----D---- C:\Windows\system32\drivers
2015-04-18 20:58:31 ----D---- C:\Program Files (x86)
2015-04-18 20:57:43 ----HD---- C:\ProgramData
2015-04-18 16:06:59 ----SD---- C:\ProgramData\Microsoft
2015-04-18 16:06:59 ----D---- C:\Program Files (x86)\Microsoft
2015-04-18 15:57:29 ----SHD---- C:\System Volume Information
2015-04-18 15:56:23 ----RD---- C:\Program Files
2015-04-18 11:17:29 ----D---- C:\Program Files\Common Files
2015-04-18 05:00:50 ----D---- C:\Windows\Microsoft.NET
2015-04-18 04:58:13 ----RSD---- C:\Windows\assembly
2015-04-18 04:48:21 ----D---- C:\Windows\winsxs
2015-04-18 04:42:52 ----D---- C:\Windows\SYSWOW64\de-DE
2015-04-18 04:42:51 ----D---- C:\Windows\system32\de-DE
2015-04-18 04:42:51 ----D---- C:\Windows\PolicyDefinitions
2015-04-18 04:42:50 ----SD---- C:\Windows\system32\CompatTel
2015-04-18 04:42:50 ----D---- C:\Windows\AppCompat
2015-04-18 04:42:49 ----D---- C:\Windows\system32\wbem
2015-04-18 04:42:48 ----D---- C:\Windows\AppPatch
2015-04-18 04:42:34 ----D---- C:\Program Files\Internet Explorer
2015-04-18 04:42:31 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-18 04:42:30 ----D---- C:\Windows\system32\en-US
2015-04-18 04:42:28 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-18 04:38:33 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-18 04:35:34 ----D---- C:\Windows\system32\MRT
2015-04-18 04:25:18 ----D---- C:\Windows\debug
2015-04-18 04:25:11 ----A---- C:\Windows\system32\MRT.exe
2015-04-18 01:56:03 ----D---- C:\Windows
2015-04-18 01:42:06 ----D---- C:\ProgramData\Avira
2015-04-18 01:42:04 ----D---- C:\Program Files (x86)\Avira
2015-04-18 01:05:54 ----D---- C:\Windows\Prefetch
2015-04-16 22:35:12 ----D---- C:\Windows\system32\DriverStore
2015-04-16 22:08:09 ----D---- C:\Windows\Minidump
2015-04-16 17:21:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-16 09:20:53 ----D---- C:\Windows\system32\catroot2
2015-04-08 03:02:38 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-18 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-18 271200]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2011-03-18 438808]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-18 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-18 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-04-18 442264]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-19 131576]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-11-25 28600]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-18 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-18 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-18 136752]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-19 108440]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-06 9079808]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-06 299520]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\drivers\Apfiltr.sys [2010-12-06 316024]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-02-23 2520936]
R3 IntcDAud;Intel(R) Display-Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-04-06 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-04-06 12273408]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2011-03-08 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 7 64-Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-01-04 8507392]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2011-02-24 82432]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2011-02-24 181760]
R3 RRNetCapMP;RRNetCapMP; C:\Windows\system32\DRIVERS\rrnetcap.sys [2012-03-20 37480]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-01-30 425064]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2010-04-26 12032]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 StillCam;Treiber für serielle Digitalkamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 tbhsd;Audials Sound Capturing; C:\Windows\system32\drivers\tbhsd.sys [2012-03-20 47208]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BthEnum;Bluetooth-Anforderungsblocktreiber; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2011-04-06 344616]
S3 btwaudio;Bluetooth-Audiogerät; C:\Windows\system32\drivers\btwaudio.sys [2011-04-06 102952]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2011-04-06 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-04-06 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2011-04-06 21544]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys []
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2012-09-10 22528]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RRNetCap;RRNetCap Service; C:\Windows\system32\DRIVERS\rrnetcap.sys [2012-03-20 37480]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-18 329832]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2015-01-22 452040]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;USB-RNDIS-Adapter; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9; C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-06 203776]
R2 AntiVirSchedulerService;Avira Planer; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-02-20 440400]
R2 AntiVirService;Avira Echtzeit-Scanner; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-02-20 440400]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-18 343336]
R2 Bonjour Service;Dienst "Bonjour"; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-01-05 1515792]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
R2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [2015-03-10 720760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-03-08 326168]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-01-05 836880]
R2 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 SOHCImp;VAIO Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-03-08 2656280]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2011-03-05 64704]
R2 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2011-02-14 550080]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-02-18 546608]
R2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2011-03-29 852160]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2013-08-16 641352]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
R3 SOHDs;VAIO Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
R3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S2 AntiVirWebService;Avira Browser-Schutz; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2014-02-20 1017424]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-16 268464]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-04-30 651720]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 340240]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-10 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119359
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu, PC znecisteny haveti

#6 Příspěvek od Rudy »

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\Program Files (x86)\Skype\Toolbars
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2111165262-662730761-1409148565-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2111165262-662730761-1409148565-1000UA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8984B388-A5BB-4DF7-B274-77B879E179DB}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Guard.Mail.ru.gui"=-
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
jarda02
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 10 čer 2005 11:19

Re: Kontrola logu, PC znecisteny haveti

#7 Příspěvek od jarda02 »

Hotovo.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Sveta at 2015-04-19 15:48:43
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 379 GB (83%) free of 459 GB
Total RAM: 4012 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:48:49, on 19.04.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
C:\Users\Sveta\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files\trend micro\Sveta.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.eu/vaioportal
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.mail.ru/?ieverfix=1&fr=ieverfix_sg
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Html5 geolocation provider - {9BFBA68E-E21B-458E-AE12-FE85E903D2C0} - C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\npHtml5loc.dll (file missing)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [VAIO Boot Manager] "C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe"
O4 - HKLM\..\Run: [MAgent] C:\Program Files (x86)\Mail.Ru\Agent\magent.exe -LM
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Google Update] "C:\Users\Sveta\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MAgent] C:\Users\Sveta\AppData\Roaming\Mail.Ru\Agent\magent.exe -CU
O4 - HKCU\..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe /Stay
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [AlterGeoUpdater] C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\html5locsvc.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AlterGeoUpdater] C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\html5locsvc.exe (User 'Default user')
O4 - Startup: Tintenwarnungen überwachen - .lnk = ?
O4 - Startup: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files (x86)\Mail.Ru\Agent\magent.exe (file missing)
O9 - Extra 'Tools' menuitem: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files (x86)\Mail.Ru\Agent\magent.exe (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Users\Sveta\AppData\Roaming\Mail.Ru\Agent\magent.exe (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Users\Sveta\AppData\Roaming\Mail.Ru\Agent\magent.exe (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{4F5033D5-5427-46EB-8ECD-440AEBEA6B1F}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit-Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Browser-Schutz (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17057 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe 19883552
\??\C:\Windows\system32\conhost.exe "-95131439-1927127671954046257-210246126120193843441157983761-300595234-1695551653
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe"
"C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe"
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe"
"C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{CB45D4CA-8A34-4EF1-9957-6134E5270E83}
"C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 3120
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000007b0
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe"
"taskhost.exe"
taskeng.exe {332F6373-823F-48D5-96C1-22141352118A}
taskeng.exe {5DC397EC-0D4F-4D74-B0E3-81EABEEEE320}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe"
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
/Device:000000a1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Apoint\Apoint.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Users\Sveta\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe" /Stay
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Officejet 6700\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN35HBSKT505RQ;CONNECTION=NW;MONITOR=1;
"C:\Program Files\Apoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Officejet 6700\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN35HBSKT505RQ;CONNECTION=NW;MONITOR=1;
"Apntex.exe"
"C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
"C:\Program Files\Apoint\Apvfb.exe"
\??\C:\Windows\system32\conhost.exe "-358419745-117831758314387438516104581931841547915-1636274702-965851876750451881
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe"
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe"
C:\Windows\system32\DllHost.exe /Processid:{B32DAC50-97B2-4BF7-A8DB-418294621529}
"C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe" -Embedding
"C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe"
"C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6060.0.1793557479\1165337768" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,41 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.823.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
"C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=de --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group11 pct:1b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Hivemind_A2_Stable_R7_Postperiod/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group2/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_83/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6060 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6060.2.1589177217\1935663383" /prefetch:673131151
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Users\Sveta\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=de --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group11 pct:1b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Hivemind_A2_Stable_R7_Postperiod/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Enabled/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group2/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_83/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6060 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6060.6.1804456278\252305616" /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe" -Embedding
C:\Windows\system32\wbem\WmiApSrv.exe
"C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=5000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Sveta\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AlterGeoUpdaterS-1-5-18.job - C:\Program Files (x86)\AlterGeo\Html5 geolocation provider\html5locsvc.exe /task

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-18 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-04-30 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-18 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID-Anmelde-Hilfsprogramm - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9BFBA68E-E21B-458E-AE12-FE85E903D2C0}]
AlterGeoBHO Class - C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\npHtml5loc.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-23 11490408]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-02-23 2179688]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-04-06 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-04-06 391704]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-04-06 418328]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2010-12-06 226672]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29 497648]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Sveta\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-20 116648]
"MAgent"=C:\Users\Sveta\AppData\Roaming\Mail.Ru\Agent\magent.exe -CU []
"Elbserver"=C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [2011-04-02 83344]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-01-23 31087200]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdAwareTray]
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [2015-03-10 9566192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlterGeoUpdater]
C:\ProgramData\AlterGeo\Update for Html5 geolocation provider\html5locsvc.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-02-20 689744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Guard.Mail.ru.gui]
C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe /gui []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-08-16 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MailRuUpdater]
C:\Users\Sveta\AppData\Local\Mail.Ru\MailRuUpdater.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-02-26 336384]
"ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2011-02-15 2757312]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2013-05-08 44128]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2013-05-08 642664]
"PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2010-11-27 648032]
"VAIO Boot Manager"=C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe [2011-03-11 2096320]
"MAgent"=C:\Program Files (x86)\Mail.Ru\Agent\magent.exe -LM []
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-04-18 5512912]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-02-20 689744]

C:\Users\Sveta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Tintenwarnungen überwachen - .lnk - C:\Windows\system32\RunDll32.exe
Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk - C:\Windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-04-06 385024]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CCL]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Windows\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2015-04-19 15:40:13 ----D---- C:\_OTM
2015-04-18 22:47:39 ----D---- C:\Fotos_Jarek
2015-04-18 22:12:51 ----RA---- C:\Windows\system32\AdobePDFUI.dll
2015-04-18 22:10:05 ----D---- C:\_AcroTemp
2015-04-18 20:53:30 ----D---- C:\AdwCleaner
2015-04-18 15:58:04 ----A---- C:\autoexec.bat
2015-04-18 15:56:23 ----D---- C:\Program Files\Enigma Software Group
2015-04-18 11:30:26 ----D---- C:\rsit
2015-04-18 11:30:26 ----D---- C:\Program Files\trend micro
2015-04-18 11:19:33 ----D---- C:\Users\Sveta\AppData\Roaming\LavasoftStatistics
2015-04-18 11:18:45 ----D---- C:\Program Files\Lavasoft
2015-04-18 11:17:42 ----D---- C:\Users\Sveta\AppData\Roaming\Lavasoft
2015-04-18 11:17:29 ----D---- C:\Program Files\Common Files\Lavasoft
2015-04-18 11:16:15 ----D---- C:\ProgramData\Lavasoft
2015-04-18 11:12:29 ----A---- C:\momotor.txt
2015-04-18 04:42:49 ----D---- C:\Windows\system32\appraiser
2015-04-18 01:58:02 ----D---- C:\Users\Sveta\AppData\Roaming\AVAST Software
2015-04-18 01:57:51 ----D---- C:\Users\Sveta\AppData\Roaming\PDFConvert
2015-04-18 01:57:51 ----D---- C:\Users\Sveta\AppData\Roaming\DocToPDFConverter
2015-04-18 01:56:19 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-04-18 01:56:17 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-04-18 01:56:17 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-04-18 01:56:16 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-04-18 01:56:15 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-04-18 01:56:13 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-04-18 01:56:13 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-04-18 01:56:11 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-04-18 01:56:06 ----A---- C:\Windows\system32\aswBoot.exe
2015-04-18 01:55:50 ----A---- C:\Windows\avastSS.scr
2015-04-18 01:53:48 ----D---- C:\Program Files\AVAST Software
2015-04-18 01:53:05 ----D---- C:\ProgramData\AVAST Software
2015-04-16 21:54:45 ----A---- C:\Windows\SYSWOW64\CCLOff.ini
2015-04-16 21:54:45 ----A---- C:\Windows\system32\CCLOff.ini
2015-04-16 21:53:20 ----A---- C:\Windows\SYSWOW64\CCL.dll
2015-04-16 09:25:02 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-16 09:25:02 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-16 09:25:02 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-16 09:25:02 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-16 09:25:02 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-16 09:25:02 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-16 09:25:02 ----A---- C:\Windows\system32\wuapp.exe
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wups2.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wups.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wudriver.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wucltux.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wuapi.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-16 09:25:01 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-16 09:24:50 ----A---- C:\Windows\system32\generaltel.dll
2015-04-16 09:24:50 ----A---- C:\Windows\system32\devinv.dll
2015-04-16 09:24:50 ----A---- C:\Windows\system32\aitstatic.exe
2015-04-16 09:24:50 ----A---- C:\Windows\system32\acmigration.dll
2015-04-16 09:24:49 ----A---- C:\Windows\system32\invagent.dll
2015-04-16 09:24:49 ----A---- C:\Windows\system32\appraiser.dll
2015-04-16 09:24:49 ----A---- C:\Windows\system32\aepic.dll
2015-04-16 09:24:49 ----A---- C:\Windows\system32\aeinv.dll
2015-04-16 09:24:47 ----A---- C:\Windows\system32\aepdu.dll
2015-04-16 09:24:45 ----A---- C:\Windows\system32\gdi32.dll
2015-04-16 09:24:44 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-16 09:24:42 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-16 09:24:42 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-16 09:24:42 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-16 09:24:42 ----A---- C:\Windows\system32\msxml3.dll
2015-04-16 09:24:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-16 09:24:00 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-16 09:24:00 ----A---- C:\Windows\system32\ntdll.dll
2015-04-16 09:24:00 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-16 09:23:59 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-16 09:23:59 ----A---- C:\Windows\system32\kernel32.dll
2015-04-16 09:23:57 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-16 09:23:57 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-16 09:23:57 ----A---- C:\Windows\system32\wow64win.dll
2015-04-16 09:23:57 ----A---- C:\Windows\system32\schannel.dll
2015-04-16 09:23:56 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-16 09:23:56 ----A---- C:\Windows\system32\wow64.dll
2015-04-16 09:23:56 ----A---- C:\Windows\system32\srcore.dll
2015-04-16 09:23:56 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-16 09:23:56 ----A---- C:\Windows\system32\conhost.exe
2015-04-16 09:23:55 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-16 09:23:55 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-16 09:23:55 ----A---- C:\Windows\system32\winsrv.dll
2015-04-16 09:23:55 ----A---- C:\Windows\system32\rstrui.exe
2015-04-16 09:23:55 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-16 09:23:55 ----A---- C:\Windows\system32\kerberos.dll
2015-04-16 09:23:55 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-16 09:23:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-16 09:23:54 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-16 09:23:54 ----A---- C:\Windows\system32\wdigest.dll
2015-04-16 09:23:54 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-16 09:23:54 ----A---- C:\Windows\system32\sspicli.dll
2015-04-16 09:23:54 ----A---- C:\Windows\system32\smss.exe
2015-04-16 09:23:54 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-16 09:23:54 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-16 09:23:53 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-16 09:23:53 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-16 09:23:53 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-16 09:23:53 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-16 09:23:53 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-16 09:23:53 ----A---- C:\Windows\system32\srclient.dll
2015-04-16 09:23:53 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-16 09:23:53 ----A---- C:\Windows\system32\lsass.exe
2015-04-16 09:23:53 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-16 09:23:53 ----A---- C:\Windows\system32\auditpol.exe
2015-04-16 09:23:52 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-16 09:23:52 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-16 09:23:52 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-16 09:23:52 ----A---- C:\Windows\system32\secur32.dll
2015-04-16 09:23:52 ----A---- C:\Windows\system32\credssp.dll
2015-04-16 09:23:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:23:51 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:23:51 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-16 09:23:51 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-16 09:23:51 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-16 09:23:51 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-16 09:23:51 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-16 09:23:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:23:50 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:23:50 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:23:50 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:23:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 09:23:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 09:23:48 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 09:23:47 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-16 09:23:47 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-16 09:23:47 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-16 09:23:47 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-16 09:23:47 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-16 09:23:46 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-16 09:23:46 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-16 09:23:46 ----A---- C:\Windows\system32\msaudite.dll
2015-04-16 09:23:46 ----A---- C:\Windows\system32\adtschema.dll
2015-04-16 09:23:45 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-16 09:23:45 ----A---- C:\Windows\system32\msobjs.dll
2015-04-16 09:23:19 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-16 09:23:07 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-16 09:23:06 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-16 09:23:06 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-16 09:23:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-16 09:23:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-16 09:23:04 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-16 09:23:02 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-16 09:23:02 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-16 09:23:02 ----A---- C:\Windows\system32\iernonce.dll
2015-04-16 09:23:02 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-16 09:23:01 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-16 09:23:01 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-16 09:23:01 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-16 09:23:01 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-16 09:23:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-16 09:22:57 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-16 09:22:57 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-16 09:22:57 ----A---- C:\Windows\system32\urlmon.dll
2015-04-16 09:22:57 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-16 09:22:56 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-16 09:22:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-16 09:22:56 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-16 09:22:56 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-16 09:22:56 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-16 09:22:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-16 09:22:55 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-16 09:22:55 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-16 09:22:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-16 09:22:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-16 09:22:54 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-16 09:22:53 ----A---- C:\Windows\system32\iesetup.dll
2015-04-16 09:22:53 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-16 09:22:52 ----A---- C:\Windows\system32\iertutil.dll
2015-04-16 09:22:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-16 09:22:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-16 09:22:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-16 09:22:50 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-16 09:22:50 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-16 09:22:50 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-16 09:22:48 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-16 09:22:47 ----A---- C:\Windows\system32\ieui.dll
2015-04-16 09:22:47 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-16 09:22:46 ----A---- C:\Windows\system32\ieframe.dll
2015-04-16 09:22:45 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-16 09:22:45 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-16 09:22:45 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-16 09:22:44 ----A---- C:\Windows\system32\vbscript.dll
2015-04-16 09:22:44 ----A---- C:\Windows\system32\jscript9.dll
2015-04-16 09:22:43 ----A---- C:\Windows\system32\wininet.dll
2015-04-16 09:22:40 ----A---- C:\Windows\system32\msrating.dll
2015-04-16 09:22:40 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-16 09:22:39 ----A---- C:\Windows\system32\mshtml.dll
2015-04-16 09:22:05 ----A---- C:\Windows\system32\clfs.sys
2015-04-16 09:22:04 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-16 09:22:04 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-08 03:02:22 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-08 03:02:21 ----SD---- C:\Windows\system32\GWX
2015-04-01 13:36:37 ----D---- C:\Users\Sveta\AppData\Roaming\Picexa Viewer

======List of files/folders modified in the last 1 month======

2015-04-19 15:48:49 ----D---- C:\Windows\Temp
2015-04-19 15:47:38 ----D---- C:\Windows\System32
2015-04-19 15:47:38 ----A---- C:\Windows\SYSWOW64\log.txt
2015-04-19 15:47:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-19 15:47:25 ----D---- C:\Windows\inf
2015-04-19 15:45:39 ----D---- C:\Users\Sveta\AppData\Roaming\Skype
2015-04-19 15:41:01 ----D---- C:\Windows\SysWOW64
2015-04-19 15:41:01 ----D---- C:\Windows
2015-04-19 15:40:14 ----D---- C:\Windows\Tasks
2015-04-19 15:40:13 ----RD---- C:\Program Files (x86)\Skype
2015-04-19 15:30:50 ----D---- C:\Windows\system32\config
2015-04-18 23:18:28 ----SHD---- C:\Windows\Installer
2015-04-18 23:17:17 ----SD---- C:\ProgramData\Microsoft
2015-04-18 23:16:32 ----D---- C:\Program Files (x86)\Microsoft
2015-04-18 23:16:27 ----SHD---- C:\System Volume Information
2015-04-18 22:58:12 ----SD---- C:\Users\Sveta\AppData\Roaming\Microsoft
2015-04-18 21:00:17 ----D---- C:\Windows\system32\Tasks
2015-04-18 21:00:15 ----D---- C:\Windows\system32\log
2015-04-18 21:00:15 ----D---- C:\Windows\system32\drivers
2015-04-18 20:58:31 ----D---- C:\Program Files (x86)
2015-04-18 20:57:43 ----HD---- C:\ProgramData
2015-04-18 15:56:23 ----RD---- C:\Program Files
2015-04-18 11:17:29 ----D---- C:\Program Files\Common Files
2015-04-18 05:00:50 ----D---- C:\Windows\Microsoft.NET
2015-04-18 04:58:13 ----RSD---- C:\Windows\assembly
2015-04-18 04:48:21 ----D---- C:\Windows\winsxs
2015-04-18 04:42:52 ----D---- C:\Windows\SYSWOW64\de-DE
2015-04-18 04:42:51 ----D---- C:\Windows\system32\de-DE
2015-04-18 04:42:51 ----D---- C:\Windows\PolicyDefinitions
2015-04-18 04:42:50 ----SD---- C:\Windows\system32\CompatTel
2015-04-18 04:42:50 ----D---- C:\Windows\AppCompat
2015-04-18 04:42:49 ----D---- C:\Windows\system32\wbem
2015-04-18 04:42:48 ----D---- C:\Windows\AppPatch
2015-04-18 04:42:34 ----D---- C:\Program Files\Internet Explorer
2015-04-18 04:42:31 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-18 04:42:30 ----D---- C:\Windows\system32\en-US
2015-04-18 04:42:28 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-18 04:38:33 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-18 04:35:34 ----D---- C:\Windows\system32\MRT
2015-04-18 04:25:18 ----D---- C:\Windows\debug
2015-04-18 04:25:11 ----A---- C:\Windows\system32\MRT.exe
2015-04-18 01:42:06 ----D---- C:\ProgramData\Avira
2015-04-18 01:42:04 ----D---- C:\Program Files (x86)\Avira
2015-04-18 01:05:54 ----D---- C:\Windows\Prefetch
2015-04-16 22:35:12 ----D---- C:\Windows\system32\DriverStore
2015-04-16 22:08:09 ----D---- C:\Windows\Minidump
2015-04-16 17:21:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-16 09:20:53 ----D---- C:\Windows\system32\catroot2
2015-04-08 03:02:38 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-18 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-18 271200]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2011-03-18 438808]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-18 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-18 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-04-18 442264]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-19 131576]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-11-25 28600]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-18 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-18 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-18 136752]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-19 108440]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-06 9079808]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-06 299520]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\drivers\Apfiltr.sys [2010-12-06 316024]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-02-23 2520936]
R3 IntcDAud;Intel(R) Display-Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-04-06 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-04-06 12273408]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2011-03-08 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 7 64-Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-01-04 8507392]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2011-02-24 82432]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2011-02-24 181760]
R3 RRNetCapMP;RRNetCapMP; C:\Windows\system32\DRIVERS\rrnetcap.sys [2012-03-20 37480]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-01-30 425064]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2010-04-26 12032]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 StillCam;Treiber für serielle Digitalkamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 tbhsd;Audials Sound Capturing; C:\Windows\system32\drivers\tbhsd.sys [2012-03-20 47208]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BthEnum;Bluetooth-Anforderungsblocktreiber; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2011-04-06 344616]
S3 btwaudio;Bluetooth-Audiogerät; C:\Windows\system32\drivers\btwaudio.sys [2011-04-06 102952]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2011-04-06 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-04-06 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2011-04-06 21544]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys []
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2012-09-10 22528]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RRNetCap;RRNetCap Service; C:\Windows\system32\DRIVERS\rrnetcap.sys [2012-03-20 37480]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-18 329832]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2015-01-22 452040]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;USB-RNDIS-Adapter; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9; C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-06 203776]
R2 AntiVirSchedulerService;Avira Planer; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-02-20 440400]
R2 AntiVirService;Avira Echtzeit-Scanner; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-02-20 440400]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-18 343336]
R2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 Bonjour Service;Dienst "Bonjour"; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-01-05 1515792]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
R2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [2015-03-10 720760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-03-08 326168]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-01-05 836880]
R2 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 SOHCImp;VAIO Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-03-08 2656280]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2011-03-05 64704]
R2 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2011-02-14 550080]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-02-18 546608]
R2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2011-03-29 852160]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
R3 SOHDs;VAIO Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
R3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
S2 AntiVirWebService;Avira Browser-Schutz; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2014-02-20 1017424]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-16 268464]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-04-30 651720]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2013-08-16 641352]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-05 340240]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
S3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-10 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119359
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu, PC znecisteny haveti

#8 Příspěvek od Rudy »

Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
jarda02
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 10 čer 2005 11:19

Re: Kontrola logu, PC znecisteny haveti

#9 Příspěvek od jarda02 »

Hotovo. Vypada to celkove dobre. Nic nadale nevyskakuje, PC jede plynuleji a klideji(mel tendenci jet naplno a temer se prehrivat).

Diky moc, Rudy, jste borec! Generelne si tohoto fora velmi cenim, delate dobrou vec. ;-)

S pozdravem
Jarda :thumbsup:
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119359
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu, PC znecisteny haveti

#10 Příspěvek od Rudy »

Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“